One Small Tip That Can Help You Judge The Trustworthiness Of A Website

Many of us at MakeUseOf are very firm believers in the Web of Trust browser extension. Though no solution goes without false positives and certain loopholes, it’s a great way to gauge if a website is helpful or harmful.

Without WoT, a lot of people would feel up in the air about unfamiliar websites. You don’t have to. In this post, I’d like to show you one of the easiest and most effective ways for the average internet user to make their own call on the legitimacy of a website. The best part is that it requires no real technical skill and should take you a maximum of about two minutes per website. The only piece of information that you’ll need is the website’s URL, and that’s as easy as copy and paste. Interesed? Let’s look into it.

Domains

On an internet where free web hosting has been laid to rest for years, practically every website has their own dedicated domain name. The domain name for MakeUseOf is makeuseof.com. A domain name basically consists of two parts (if we leave out subdomains, which are irrelevant in this situation): the top-level domain and second-level domain.

In our example, the top level is com and second level is makeuseof. As you know, there are plenty of top-level domains, such as com, net, and org. A second-level domain is not limited in that same respect. When purchasing a domain (which costs roughly $10), you’re able to specify any alphanumeric second-level name. I could register craig4president.com today if I pleased.

It’s important to note that during the registration of a domain name, you are required to enter truthful registration information or you can face some pretty harsh fines and punishments. That leads us into our next section.

WHOIS

WHOIS (pronounced as the phrase who is) is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system, but is also used for a wider range of other information. The protocol stores and delivers database content in a human-readable format.

In layman’s terms, WHOIS is like the Yellow Pages of domain names. When you register a domain name, the information you use (be it personal or of a business) is listed publicly and is available to anyone unless you use some sort of privacy service (which generally comes with an additional cost).

There are plenty of WHOIS lookup websites, but here are three of my favorites:

To look up the registration information of any domain name, just enter the domain and go. Here’s a screenshot of the WHOIS query for one of my favorite websites, Reddit:

As you can see, there’s a wealth of information. The information available is dependent on what registrar (such as GoDaddy) a domain name has been registered with.

Your Part

So how does knowing the registration information of a domain name help you be more confident about a website? Well, in many ways. Here are just a few that I can think of on the spot:

You can verify that the registrant is in a country that the website reflects, or at least not in a suspicious location where there is a high rate of internet fraud.

You can see if a domain’s registration information is set as private.

You can see how long a domain name has existed.

If you’re looking online for a website that is selling handbags, are you sure that you want to make your purchase from a website whose registration info comes from a company based in an area where common replicas and counterfeits are made?

If you’re already a little uncertain about a website, seeing that their WHOIS information is private could completely put you off. Keep in mind though that private registration information does not mean that a website is fraudulent or “bad” in any way. It just means that the domain registrant wants to hide their information, and that could simply be for their own privacy. A great example is our own domain at MakeUseOf. It is registered privately.

When you’re looking at a website that is offering free gifts for certain participation, are you sure you want to trust a website that was made just two months ago? You’re able to see that through a WHOIS query, and that’s understandably suspicious.

WHOIS is incredibly useful when doing research on websites that smell funny. If you’re suspicious and feeling uncertain, that option is always available to you. It’s just another resource to help you remain safe on the internet and passing judgment is completely in your hands. Do you find this tip useful? Let me know in the comments!

Get the best tips from MakeUseOf in your inbox, free!

Anandu B Ajith

Florin Ardelian

Craig Snyder

December 2, 2012

Yes.

Florin Ardelian

December 2, 2012

So the MUO owners are still giving their money to GoDaddy, after all the activism against them that took place on Reddit…

Craig Snyder

December 3, 2012

You’re pointing that out, but I honestly don’t have much of a response for it. I’ve never considered it an issue worth raising to anyone at MUO, but if it’s something that concerns you then that’s all in your right.

The way I see it, if GoDaddy has always provided a good service to the domain registrant, then so be it. I don’t support SOPA and I have extreme doubts that the registrant of our domain name supports SOPA. The fact that GoDaddy does (or “did”) won’t always be enough to disrupt a healthy business relationship.

It’s not the perfect analogy and it’s straying off track a little, but I’m not a religious person at all. If a devout Christian opened a nice bakery or market down the street, the last thing to stop me from buying would be the owner’s religious beliefs. What would stop me is if she sold stale bread.

Jagbir Sembhi

Ibrahim the Eritrean

December 2, 2012

Caig, while I must say this is one good strategy, it still is not enough and by no means foolproof — because this will still not help you if the website is hacked 10 minutes ago and is being exploited. You need to use this along with real time link scanner like AVG Link Scanner Free Edition — and may still have to use Sandboxie.

Junil Maharjan

Gerald Huber

December 2, 2012

Some good tips. Unfortunately I think that not many people will do these things. Too much of a hurry. And some may even think “Every thing on the internet is true and no one would EVAH lie to me.” I know my websites are registered privately. I have never done the WHOIS on a popular website. I wonder what information would be found.

raymond mcnatt

Michael

Rob Hindle

December 2, 2012

Key words are “small tip” and “help…”.

Whois can be useful to find out about the true owners of a web site but although the article says “you are required to enter truthful registration information or you can face some pretty harsh fines and punishments” that grossly over-states the position. I’m not aware of any fines or punishments ever having been applied. The probaly worst-case scenario is if someone challenges your right to the name, if your details are incorrect there’s a risk of the decision automaticaly going against you so you lose the domain.

It is important that you DO provide correct information, otherwise the registry might have difficulty contacting you should it need to but I’m not aware of much pro-active policing, certainly not when it needs to be done – within minutes of registration.

The bad guys register garbage names and use them for as little as 24 hours before moving their fraud/malware operation to a different domain. There’s nothing to stop them registering their address as 10 Downing St.

One factor that helps (but is not foolproof) is if you also take notice of the original creation date on the Whois. If the name has been around for a few years that’s a good sign – but it may have changed hands. If it was registered in the last few days that could be a warning sign.

Another small detail, maybe I’m being pedantic, but in the UK TLD (and some others) users are (currently) restricted to third level domains, usually under .co.uk

The UK registry does do some registration detail checking detail I have experience of someone who’d not updated their email address since original registration 10 years ago. Their domain name was registered to something like “John Smith, trading as AcmeWidgets”. Nominet (UK registry) emailed them (recently) to say the registration was not valid. The defect Nominet wanted correcting was to change the name to just “John Smith” and enter “trading as AcmeWidgets” in a separate field. Nominet gave just 2 weeks notice by email (to the defunct address) of releasing the name to the open market. Phone number and postal address were correct, their website had the current email address but Nominet relied solely on the registered email address.
As a consequence the first “John Smith” knew of the problem was when his domain stopped working. Luckily he was able to buy his name back.

In summary: yes it’s vital to have correct registration details but you don’t face a fine or punishment (only the threat) and you can’t rely on whois as a way of assessing trustworthiness.

Douglas Mutay

Douglas Mutay

December 5, 2012

I have checked my own website and saw that my private information such as phone number and address were available. I think this is a serious privacy issue and I wonder if there is a way I can keep only the essential info available to people that can search for my domain name. Any idea?

Anonymous

December 5, 2012

You should be able to change that through your domain registar.

Douglas Mutay

Shahbaz Amin

Anonymous

December 6, 2012

I usually judge the trustworthiness of a website with it’s design and I don’t know why. Though I don’t normally buy online outside eBay and Amazon when I find something interesting and want to give my personal information I would search some reviews in Google.

Lisa Santika Onggrid

December 6, 2012

Yes. It’s a common sense to keep a firm eye over domain name. Email from your bank with second level domain name? Absolute No-no. Being extra careful won’t hinder your productivity, so if you haven’t, start paying attention to the URL you’re clicking.